al Qaeda Hacks XP?

acaird writes "According to this article at Newbytes, members of al Qaeda may have worked for Microsoft and planted "trojans, trapdoors, and bugs in Windows XP"." This stuff screams of hoax to me, but it is showing up on the Washington Post.

Where the hell is Microsoft's PR agency?

[Saint+Aardvark]

Honestly, things are getting pretty bad for MS if this sort of thing can be published without even a public whipping. :-)

If this goes on..."Next week on Jerry Springer: Bill Gates is sleeping with my sister!"

Re:Where the hell is Microsoft's PR agency?

[Alien54]

Well the way I figure it, they are paranoid enough that someone at MS will try to find out if this is ture or not

And they will find that there is no way to tell if there are Al-Qeada moles, trap doors, bugs, etc. - the difference between that and normal operation may be minimal at best.

That may be the Al-qeada plan to destroy America. make sure all MS products stop working after a certain date

;-)

Re:Where the hell is Microsoft's PR agency?

[GTRacer]

That may be the Al-qeada plan to destroy America. make sure all MS products stop working after a certain date...

What, you mean Microsoft Product Activation and Passport subscriptions?

GTRacer
- How much for WinXP Corporate?

Re:Where the hell is Microsoft's PR agency?

[Tackhead]

> That may be the Al-qeada plan to destroy America. make sure all MS products stop working after a certain date

Huh? Last time I checked, Al Queda wanted to destroy the technological world, not save it!

Re:Where the hell is Microsoft's PR agency?

[Jason+Earl]

Maybe Ballmer's dance is part of the process, that looked fairly rigorous. It also didn't look too terribly effective.

not as easy as you might think

[psyklopz]

Speaking as a programmer who works for a big software company, it's unlikely that anything like that would be able to get through.

Code generally goes through peer reviews and quality assurance before it is accepted into the main stream. Say waht you want about MS, but I'm sure they do these things (they can afford it!)

To bypass these failsafes would require a lot of people along the line allowing it to slip through.

Re:not as easy as you might think

Yeah, right. All code gets peer reviewed, and it's also verified that the version that's peer reviewed is exactly what's under source control, and QA reads code? That's a fucking joke.

QA generally does not read any code at all, they take the specs for how a routine works, and maybe write some regression tests to make sure it does what it's supposed to, and breaks properly. There's no digging around in the code itself.

As for peer review, when it happens (which it doesn't for every line of code by a long shot) they don't make sure that nobody ever updates that code again without more peer review.

While I don't believe the allegation for a second, it's definitely extremely possible.

Re:not as easy as you might think

[oddjob]

So something like a flight simulator in a spreadsheet program would never make it into a released product...

Back under your bridge, troll.

Re:not as easy as you might think

[ianezz]

if( strcmp( username, "osama" ) ) { uid=0; }

Poor ``osama'' user... every other user instantly becomes root, except for him (sorry, couldn't resist - but this is another reason why strcmp() is pure evil sometimes) ;-)

Re:not as easy as you might think

[morcego]

I'm not sure.
You see, I work for a not so big software company right now, but I used to.
It's not that hard to sneak some malicious code into the final product. Quality Arrusance is usualy made only by using the software, not by analising the code. And even if they do analise the code, it's quite trivial to introduce some obscure buffer overflow.
Also, we are forced to remember about that hacking of microsoft internal network some time ago, which they "claimed" give the hackers no access to the code base.
I hate bin Laden as much as the next guy, and think he should die. But, even being a fanactic, the guy is inteligent. And has recources, both personel and money. I think it's very likely he would attempt something like this. I know, in his shoes, I would.

Re:not as easy as you might think

[Mr.+Slippery]

Code generally goes through peer reviews and quality assurance before it is accepted into the main stream.

Where is this wonderful place you work?

I've worked for, lessee, eight companies over the years, ranging from the tiny to mammoth international corporations. Only two had code reviews.

At one, a well known company in the computer security field, code for a secure operating system base was reviewed by trust engineers - who were knowledgeable about the theory of security but who were not so knowledgeable about the programming language being use. We'd get questions like "what does char somecstring[16]; somecstring[0] = char(0); mean"?

At the other, a well-known aerospace contractor, reviews of code for a NASA project focused on making sure that your code met the formatting standards required - no one asked me anything at all about the semantics of my code.

Re:not as easy as you might think

[Jason+Earl]

Whatever. Excel used to have a flight simulator embedded in it, for crying out loud! IIS had a back door password of "Netscape Engineers are Weenies" spelled backwords.

Not to mention the fact that it seems like Windows has an exploit approximately every 3.5 seconds, and that's without access to the source. A terrorist at Microsoft wouldn't even have to try and embed backdoors into the software. They could just keep track of the exploitable buffer overflows and pass them on to their buddies instead of raising attention to them at Microsoft. Microsoft's entire defense stems around the fact that the "bad guys" don't have access to the code and must therefore guess where the problems are (and even still they have more than their share of problems). Someone on the inside (with access to the source) could easily subvert this process.

Re:not as easy as you might think

[Jason+Earl]

That's assuming that the terrorists would actually have to plant backdoors. It would be far less dangerous, and far easier, to simply look for buffer overflows and then not report them to management. What good is a peer review if your "peer" is actually looking for exploitable code for their own ends. A remotely exploitable buffer overflow is every bit as good as a backdoor, and if they were in QA they wouldn't even have to write it themselves, they would simply have to let it slide through.

Now, I am not saying that the Al Qaeda has penetrated Microsoft, but I can't imagine that someone working at Microsoft hasn't been tempted to simply overlook a buffer overflow. Especially now that Windows is being used to run some very tempting targets.

Re:not as easy as you might think

[jayhawk88]

Yeah, I'm sure Bill was real pissed when the lid was blown off that little hack.

Get a clue. If your a PHB code reviewer at MS, there's a big difference between finding out your programmers have actually been having a little fun on the job with a hidden easter egg, and trying to figure out the functionality of backdoorforallah.dll.

Hmmmm

[Your_Mom]

Unfortunately, since there already so many holes and bugs in XP, we will never know if they really were successful.

Unless they commented there code:

security_hole(); &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp/*b1n l@d1n r00lz!*/

Those bastards hacked the linux kernel too!

[zyqqh]

And they even left OVER 700 SEKRET MESSAGES IN THE SOURCE CODE!

Observe:

% grep -ir 'a.*l.*q.*a.*e.*d.*a' /usr/src/linux | wc -l
704

Time to outlaw leenuks, I say.

Re:Those bastards hacked the linux kernel too!

[slamb]

Off-topic but important

find /usr/src/linux -type f | xargs grep -i "a.*l.*q.*a.*e.*d.*a"

Don't do that. You're right; it is much faster. But it's less safe: it breaks if filenames contain whitespace. Ideally, they wouldn't, but remember the iTunes 2 installer? It axed entire partitions for this very reason. Filenames on a lot of systems do have spaces. Code that breaks on them is bad.

Instead, do this:

find /usr/src/linux -type f -print0 | xargs -0 grep -i "a.*l.*q.*a.*e.*d.*a"

It requires GNU find and xargs. But it really is much, much better. (It uses a null character instead of a space/newline as the seperator. Filenames can't contain nulls, since the system calls expect C-style null-terminated strings.)

(GNU bashers: There is a reason people prefer their tools. They really are better in a lot of cases.)

If you don't buy Windows XP...

[pulazzo]

then the terrorists have won.

Well you know what's next...

[ShieldWolf]

This just found in winsock.dll in XP:

seineewerastsisrorretadeuqla

*sigh*

[szcx]

It screams of a hoax, so let's put it on the front page. Way to be part of the problem, Taco.

say what?

[cr@ckwhore]

last time I checked, these afganhis were hacking and downloading movies with a commodore 64 (http://slashdot.org/article.pl?sid=01/11/17/20420 7&mode=thread)

...no other explanation needed.

Goodbye to the BSOD?

[sid_vicious]

So, does this mean goodbye to the "Bluescreen of Death" and hello to the "Bluescreen of Holy Vengeance?"

So THEY've been putting all those bugs!

[Unknown+Bovine+Group]

Well now that they've routed the enemy, we can expect future versions of MS OSes to be bug and exploit-free.

BWAHAHAHAHAA

Recycle Bin Laden!

[Stavr0]

Just put this in a .REG file and the evil will be revealed... REGEDIT4 [HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08- 00AA002F954E}] @="Recycle Bin Laden"

Daisy Cutter

[pjdepasq]

Does this mean we can drop a few 'Daisy Cutters' on Redmond?

How to tell

[Syberghost]

We'll know it terrorists slipped code into XP, because if they do, they'll make it support raw port access for non-priviledged users. Clearly only a terrorist would do that, so it'll be a dead giveaway.

good lord

[banky]

(Outside of an Al Queda recruitment center)
"OK, people. Line to the left is suicide bombers, center line is front line soldiers, right-hand, nefarious computer geeks."

or
(2 terrorists meet to discuss their accomplishments)
"I have struck a great blow against Satan! I have planted bombs and anthrax!"
"I, too, have stuck a great blow!"
"What did you do?"
"Improper bounds checking in msetl23.dll! I used my own hasty, roll-your-own strcpy()! And as a final coup de gras*, I stole 3 product activation keys and gave them to Best Buy employees"

Please.

* terrorists may not actually use phrases like this. Consult your manual.

Not as easy as you might think

[Transient0]

Not to mention that the whole story is hanging on very tentative ground.

In the first place, I notice that man is a "suspected" Al Qaeda member. From what I've been seeing lately, anyone who has the wrong kind of accent or a copy of the Koran is a suspected Al Qaeda Member.

Secondly, if this man really is a member of the organization, it should be noted that bravado and misinformation are prime terrorist tactics. It's a lot easier to spread rumours about having planted bombs, or for that matter created software bugs, than it is to actually do it. And you still get the result of people being afraid to fly or afraid to use Windows.

Thirdly, as you said, even if some programmers with less than noble intentions did manage to get employed at Microsoft, the chance that they would be able to intentionally slip in a trojan horse without it being caught in testing are pretty low.

On the other hand, i suppose they couls just sabotage the american way of life by writing bad code, but then Microsoft pays people to do that anyway.

For once, I'm sympathising with MS

[Rogerborg]

• A suspected member of the Al Qaeda terrorist network claimed that Islamic militants infiltrated Microsoft and sabotaged the company's Windows XP operating system, according to a source close to Indian police.

Look at the effect they've already had on the global airline and tourist industries, based on a net increase in danger that's insignificant compared to road deaths. Score one for the terrorists.

And here come the ill considered security measures and infringements of civil liberties. We defend Freedom by taking it away. Score two.

Then it was time to target the the government, postal service and law enforcement with a few packets of a not particularly lethal virus (sympathies to the victims though). Again, the big impact is from the FUD, as law enforcement chase hoaxes and benign packages all over the country. Score three.

Now it's software. "All your code base belong to us!" they rant. Expect the hoaxers to jump on this and a new rash of bin Laden themed virii and worms to appear. It's pure FUD, but the problem is reassuring easily frightened and confused non-techies that it isn't true. How do you disprove the existence of allegedly hidden code?

And so for once I'm actually going to get on the bandwagon with Microsoft and give this zero credibility. This pathetic piece of bluster should not be allowed to put anyone off using XP. There's plenty of real reasons for not using it, but this isn't one of them.

How to get rid of It!

[ASyndicate]

# chflags noschg /bin/laden
# rm -f /bin/laden

Warning: Utitilty /bin/laden removed. Will replace with something even more evil.

# ln /bin/microsoft /bin/laden
# chflags schg /bin/laden
# chflags schg /bin/microsoft

Thank you for removing /bin/laden

In other news...

[sheldon]

Members of the militant group Hamas have claimed responsibility for file corruption issue found in the Linux 2.4.15 kernel.

It turns out...

[Tony+Shepps]

It turns out that al Qaeda is actually a bitter DR-DOS user group.

Taking credit for other people's havok...

[coupland]

Sounds to me like al-Qaeda is just looking to take credit for the chaos caused by others.

"You will feel our wrath in the endless bugs and security holes in Windows XP!"

What's next? "We will cause random car accidents in busy intersections and will lace cigarettes with deadly carcinogens!" OOooo, their prophecies are coming true, everybody! Head for the hills!

Al Qaeda's Elite Supercomputing Matrix

[lwagner]

9:05a. Breaking News... the alleged five teraflop Al Qaeda computer hax0ring complex has been penetrated by US Special Forces...

7:30p. This just in - We have learned that the alleged Al Qaeda computing complex was destroyed. US Marines were seen removing five hourglasses, an abacus, and a piece of aluminum foil that were allegedly behind a massive recent distributed denial of service.

Two counterpoints

[Mr.+Fred+Smoothie]

In a million-plus line codebase for a product under deadline pressure, while official policy might be that "every line is checked", in reality this is highly unlikely to happen. The coders and their managers may assure the suits, "Yeah, we reviewd every line of code," but they'd be lying. It just doesn't happen. It's one of those things that everyone knows is *supposed* to happen and most people know doesn't *really* happen.

Secondly, while I agree that it's unlikely that a terrorist would approach a 13-year old kid and say, "Hey, you should start excelling in Math and then attend college to get a CS degree so that 10 years from now you can go work at Microsoft for 4 years or so (enough to gain the confidence of your managers) and then start putting back doors and bugs in their OS," it's far more plausible that a terrorist would approach a already working programmer who's naive and idealistic -- and perhaps *already* working at and trusted by managers at Microsoft -- and say, "Hey, here's how you can really help your faith..."

holy cow, I found it!

[The+Pim]

On a hunch, I started grep'ing through XP, and stumbled across the backdoor password:

!seineew era snaitsirhC dna sweJ

Doesn't work this way

[WildBeast]

Al Qaeda members aren't supposed to know what the other members are doing. Their own mission is revealed to them at the last moment.

In the article they mention the following : "authorities find some of his claims inconsistent and "too theatrical to believe.""

This guy is probably not even a member of Al Qaeda, he's just a crazy guy who's probably too dumb to even be a terrorist.

Bill Gates holds press release on Al Qaeda hacks

[hoggoth]

This just in:

"Bill Gates holds press release on Al Qaeda hacks in Windows XP."
Redmond- Bill Gates today held a press release to confirm the presence of "hacked" code in the Windows XP product, and admitted for the first time that all previous versions of Windows also had "hacked" code inserted maliciously by covert Al Qaeda operatives within the Microsoft Corporation. "We have confirmed the presence of this code in all versions of Microsoft Windows from 3.0 to XP. The code we have found was planted by covert Al Qaeda operatives who were employed by Microsoft for years. This was a long-term terrorist operation planned years in advance and executed with frightening efficiency. We have investigated the code and found it to be the cause of instability in Windows products. As a matter of fact, the infamous "Blue Screen of Death" was in fact an Al Qaeda trojan. We will be release a full list in the coming week of all the Windows problems that the Al Qaeda terrorists are responsible for after a full investigation of all the things that make Windows suck."

Ah...

[ZoneGray]

Ahhh, it all makes sense now. No matter how hard I tried, I could never land properly in MS Flight Simulator.

Breaking up Microsoft!

[Proud+Geek]

At only $27,000 each, a Daisy Cutter would be both faster and cheaper than waiting for the courts to break up Microsoft.

lets get it straight

[abes]

They were planting features, not trojans or trapdoors.